/*
 * Copyright © 2023 广州宏天软件股份有限公司 hotent
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.hotent.project.auth.security;

import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * 自定义密码校验
 */
public class ICSPasswordEncoder implements PasswordEncoder {

    /**
     * 用于覆盖的自定义encoder
     */
    private PasswordEncoder delegateEncoder;

    /**
     * 当前线程是否忽略密码
     */
    private ThreadLocal<Boolean> ingorePwd = new ThreadLocal<Boolean>() {
        protected Boolean initialValue() {
            return false;
        }
    };

    public void setIngore(boolean ingore) {
        this.ingorePwd.set(ingore);
    }

    public void setDelegateEncoder(PasswordEncoder delegateEncoder) {
        this.delegateEncoder = delegateEncoder;
    }

    /**
     * Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or greater hash combined with an 8-byte
     * or greater randomly generated salt.
     */
    public String encode(CharSequence rawPassword) {
        return rawPassword.toString();
    }

    /**
     * Verify the encoded password obtained from storage matches the submitted raw password after it too is encoded. Returns
     * true if the passwords match, false if they do not. The stored password itself is never decoded.
     *
     * @param rawPassword the raw password to encode and match
     * @param encodedPassword the encoded password from storage to compare with
     * @return true if the raw password, after encoding, matches the encoded password from storage
     */
    public synchronized boolean matches(CharSequence rawPassword, String encodedPassword) {
        if (ingorePwd.get()) {
            this.ingorePwd.set(false);
            return true;
        }
        String enc = this.encode(rawPassword);
        return enc.equals(encodedPassword);
    }
}
